You could store a key on your server for that username, and then encrypt there password using that key. Then store the encrypted part on there computer in a cookie, with their username.

That whay you can check that the password matches. You could just encrypt the password with itself, but by using the key, you can reset the keys occasionaly to force users to relogin.

The problem is no matter what you do, if you store it in a cookie then its not going to be total secure. You can make it very difficult for anyone to get the actualy password but they could still use the same coookie on a different computer to gain access.

___________
Eric Hodges